Closed minijaham closed 3 years ago
This bug cause from gamertag duplicate when creating account Xbox Live, not from server software.
This was tested with other usernames as well.
A lot of servers actually had the same issue.
Even Fallentech, Hyperlands, etc staff account got hacked by this method.
Exactly. Thanks to alvin though, he's told me a solution to this...
Have you report this bug to Microsoft or Xbox?
Have you report this bug to Microsoft or Xbox?
Not yet.
well done, you've just advertised a security vulnerability to hundreds of people...
I'm already aware of this issue thanks to people who informed me in a more responsible manner by emailing team@pmmp.io or otherwise contacting us privately.
How come the issue hasn't been solved yet, if you were already aware of it?
Just wait Microsoft fix this bug. The solution is save real player gamertag without converted to lowercase.
How come the issue hasn't been solved yet, if you were already aware of it?
Because the issue lays with xbox usernames being allowed to have other unicode letters in their names.
Issue description
Steps will explain.
Steps to reproduce the issue
OS and versions
Plugins
Crashdump, backtrace or other files